From: Mike N. <mh...@us...> - 2005-02-25 20:38:59
|
On Fri, 2005-02-25 at 11:39, Mike Noyes wrote: > Everyone, > Our website was cracked using the phpWebSite announce module. A file > named nst.gif.php was uploaded to images/announce. I've removed the file > and locked down that directory. Also, I changed our database password > and hub_hash. I'm in the process of diffing the last mysqldump. > > I'll keep everyone apprised of my progress. OK. I think our website is operational again. Please let me know if you see any problems. > phpWebSite-0.10.0_exploit > http://www.securityfocus.com/archive/1/391496/2005-02-21/2005-02-27/0 -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs |